Spy Stories From The Murdoch Empire: News Corp Fights With Itself In Grand Game Of Espionage

from the corporate-spy-vs-corporate-spy dept

Back in 2008, News Corp (owners of satellite providers DirecTV) was sued by DISH Networks for allegedly hacking their competitors satellite smartcards and flooding the market with them. News Corp (sort of) lost that lawsuit. Following News Corp's more recent high-profile hacking scandal related to News Of The World, more accusations of satellite hacking emerged, this time in the UK.

But amidst all the lawsuits and accusations, it turns out there are some other fascinating stories to be found in News Corp's world of competitive corporate hacking and private security. A new book by Neil Chenoweth, Murdoch's Pirates, digs into that world and turns up some pretty fascinating results. From an excerpt published in the Sydney Morning Herald, we get the story of some befuddled inter-agency espionage between News Corp and its own subsidiary, complete with aliases, informants, moles and a cross-border escape gambit by a spy on the run.

The story is complex, but I'll attempt to summarize. In the late 90s, NDS (the branch of News Corp that deals with private security and anti-piracy activities) sent top hacker Oliver Kömmerling undercover to Toronto, under the pseudonym Alex, with a mission: pose as a satellite pirate and infiltrate the rings selling hacked DirecTV smartcards. Oliver was also one of the hackers directly involved in the hacking of competitors' smart cards, but in this case he was being put to work defending News Corp's own satellite operation. But NDS made one big mistake: they never told DirecTV, which had its own security/anti-hacking division led by a former FBI agent, and they believed Oliver was still a bonafide satellite pirate at large. They had no idea he was now working for NDS—and one of the Canadian hackers Oliver met with turned out to be working for DirecTV, and ratted him out to them. Moreover, no matter NDS or Oliver's intentions, he was breaking the law by hacking and selling smart cards to track down the "real" hackers—so he ended up facing potential arrest or detainment at the border.

As a result, the two security divisions (both ultimately owned by News Corp) played spy-games with each other, and for the details you really should just read the whole story. It's fascinating, and quite funny—and it also raises some interesting questions about how big corporations should approach this kind of security. In one way, I actually think some of the principles here are the right way to approach things—investigate the biggest commercial pirates until you have enough evidence to either bring a lawsuit against them or pass the case along to a criminal prosecutor. That's better than having the government act as corporate police. However, big problems arise when companies start breaking the law in the course of their investigation—as much as they might want to play spy, they don't get the exemptions that law enforcement and intelligence agencies do. It's also highly troubling when their investigations are intertwined with law enforcement, such as when FACT in the UK joined the police raid on the SurfTheChannel offices—that's crossing a line between private interests and government. But then, on top of all that, you have the potential for a comedy of errors like this one: News Corp spending lots of resources to put a man in significant danger in a foreign country, for the sake of hacking its own products, and spurring its own property to put more resources into tracking down a hacker that was supposed on be on their side. At some point you have to ask: what is security worth? And how likely is it to be effective against hackers if it is disorganized to the point of farce?

Bad Boys

I know quite a lot about this case myself when over a decade ago many of the people I knew were smartcard hackers.

I certainly heard stories then about NDS employees being full members of their hacking groups and they were certainly handing over confidential information like the Sky card ASIC code.

NDS were at the top of the game and their large knowledge of smartcard technology and hacking techniques went on to produce their very secure VideoGuard system.

As pointed out in this story NDS had little concern in getting their hands dirty and assisting their rival services to be hacked.

Now here is a good theory for you to mull over when years ago the Italian TPS and Stream service were in competition which helped none. Also they were seriously hacked with pirate smartcards and firmware going about.

Eventually these two services under serious financial strain merged and right when they were at their weakest was this service bought out by NewsCorp to become the new Sky Italia.

With NDS being hand in hand with the hackers then you can only guess the rest. I can certainly say that there are people out there who well know what NDS got up to a lot better than I do.

Re: We have met the enemy...

No, wait, it's worse than that. It's like the US having a double CIA agent in China that pretends to be a Chinese spy who will be sent as a double agent to work at the NSA in the US. So in the end it'll be the NSA gathering intel on the CIA via a lengthy and inefficient detour on Chinese soil?!

Murdoch's Pirates

When Neil Chenoweth, a journalist for the Australian Financial Review and author of a biography of Rupert Murdoch, stumbled across the details of possible corporate espionage carried out by a little-known organisation called News Datacom (NDS), his first response was one of disbelief.
An Israeli start-up company founded by scientists and cryptographers, NDS had been acquired by News Corporation, its biggest customer, and existed in relative obscurity until a series of billion-dollar lawsuits, with satellite service provider EchoStar suing it for piracy and French pay TV channel Canal Plus taking legal action, which they later abandoned, alleging NDS leaked valuable code on the internet.
To come to terms with why hacking may become a hugely valuable tactic and disruptive force for content providers, it's important to understand that the revenue-raising potential of pay television rests largely on the security of pay walls. If people can easily access the content without paying the subscription fee then the value of the product plummets.
This makes enabling pay-TV smartcards with security measures a hugely lucrative business. But how does a firm producing these cards show the superiority of its cards over others? One way is by demonstrating that competitors' cards can be hacked. If you can hack into your competitors' systems, potentially you can trash the commercial value of their product.
In a series of articles for the AFR, Chenoweth drew on a massive cache of emails to allege NDS hacked its rivals for commercial gain as News Corporation was moving into the Australian pay TV market. Given the sheer commercial scale involved, Chenoweth has called the alleged hacking "arguably the biggest industrial espionage case in history".
Billed as a story "about what happens when an international corporation hires its own spy force", the focus is often narrower than that, with the narrative taking in a wealth of technical detail and the minutiae of the politics and rivalries between hackers, and the hacks and counter-hacks between covert groups.
Chenoweth has secured remarkable levels of access to the hackers, and the overriding impression is of technically gifted savants in way over their heads. Even after the controversies and the mysterious death of talented hacker Boris Floricic, ruled a suicide, they often come across as naive.
Inevitably, though, the key figure in this story is Murdoch, detached as he is from much of the action. Constants in the story are his seemingly inexhaustible reserves of energy and bullishness, his cunning and unexpected capacity for charm. Although a Luddite at heart, he couldn't resist the riches on offer in this high-tech field.
While his motivations for dabbling in data encryption in the first place remain clouded, his end game of accumulating wealth, media influence and power, or some amalgam of all three, is clear.
Murdoch's Pirates is a staggering feat of research, but at times suffers from a lack of accessibility.
It is to be hoped this factual account lays the path for further work that looks beyond the crosses, double crosses, aliases and the farcical confusion to the complex questions of how law enforcement agencies should deal with this new and high-stakes world of corporate spying.